Description
Does CA Top Secret have any type of support for CIM? This appears to be a resource class in IBM RACF per the Common Information Users Guide, v1.9, IBM PUB#SC33-7998.
Solution
Here are the generic steps for the CIM implementation:
- Define the WBEM resource class to the RDT (Resource Descriptor Table) via:
TSS ADDTO(RDT) RESCLASS(WBEM) ACLST(ALL=FFFF,CONTROL=C400,UPDATE=C000,READ=4000,NONE=0000)
- Own the necessary resources via:
TSS ADD(dept) WBEM(CIMSERV)
TSS ADD(dept) SURROGAT(BPX.SRV) (may have already been done)
- Create the region acid and define the started task to the started task table via:
TSS CREATE(CIMSERV) TYPE(USER) NAME('CIMSERV Region Acid') PASS(xxxx,0) DEPT(dept)
TSS PERMIT(CIMSERV) WBEM(CIMSERV) ACC(CONTROL)
TSS PERMIT(CIMSERV) SURROGAT(BPX.SRV)
TSS ADDTO(STC) PROCNAME(CFZCIM) ACID(CIMSERV)
- Permit access to the users, for example, CIMUSR, via:
TSS PERMIT(CIMUSR) WBEM(CIMSERV) ACC(READ)
TSS PERMIT(CIMSERV) SURROGAT(BPX.SRV.CIMUSR) ACC(READ)